Zero Day Initiative

Entity category: organization

BigTech Companies

Critical Windows 0-Day Fixed: CISA Issues Urgent Alert

January 15, 2026
Zero Day text with spider on binary code background.

A critical Windows zero-day vulnerability (CVE-2026-20805) is being actively exploited, prompting urgent patching and a CISA mandate for federal agencies…

Read More »
Cybersecurity

Synology Patches Critical BeeStation Flaws Exposed at Pwn2Own

November 13, 2025
The Synology logo in white and black text on a red background.

Synology released a critical security update for BeeStation devices to fix a remote code execution vulnerability (CVE-2025-12686) caused by an…

Read More »
BigTech Companies

Urgent Windows Flaw CVE-2025-9491 Actively Exploited by Hackers

November 1, 2025
The Windows logo with water droplets and rain falling.

A critical Windows security flaw (CVE-2025-9491) is being actively exploited by hacking group UNC6384, enabling unauthorized code execution through malicious…

Read More »
BigTech Companies

Microsoft Fixes Critical WSUS Flaw Under Active Attack

October 25, 2025
Windows Server logo superimposed on a stylized cityscape with servers resembling buildings at sunset.

Microsoft has released an emergency patch for a critical, actively exploited vulnerability (CVE-2025-59287) in Windows Server Update Services, allowing unauthorized…

Read More »
BigTech Companies

Microsoft Fixes 3 Actively Exploited Zero-Day Vulnerabilities

October 21, 2025
Multiple computer screens displaying code and data, with 'PATCH TUESDAY' prominently shown.

Microsoft patched three actively exploited zero-day vulnerabilities in its October 2025 Patch Tuesday, including flaws in a pre-installed modem driver,…

Read More »
Business

SolarWinds Patches Critical RCE Flaw in Web Help Desk

September 25, 2025
SolarWinds Web Help Desk interface showing a new IT request form with fields for type, subject, detail, and priority.

SolarWinds has released a critical update for its Web Help Desk software to patch CVE-2025-26399, an unauthenticated remote code execution…

Read More »
BigTech Companies

Microsoft, Adobe, SAP Issue Critical September 2025 Patch Tuesday Updates

September 11, 2025
A stylized package with a plus sign floats in a server room, symbolizing Patch Tuesday updates.

The September 2025 Patch Tuesday included critical security updates from Microsoft, Adobe, and SAP, addressing numerous vulnerabilities not currently under…

Read More »
BigTech Companies

Microsoft Patches Critical Kerberos ‘BadSuccessor’ Flaw (CVE-2025-53779)

August 15, 2025
Graphic for Patch Tuesday, featuring a large pill on a distressed, paint-splattered background.

Microsoft's August 2025 Patch Tuesday fixes over 100 vulnerabilities, including a critical Kerberos flaw (CVE-2025-53779) that could grant domain admin…

Read More »
Cybersecurity

Active Exploits Target Trend Micro Apex One Flaws (CVE-2025-54948, CVE-2025-54987)

August 7, 2025
Trend Micro logo with stylized city map showing red network connections, symbolizing cybersecurity protection.

Security teams are alert as attackers exploit unpatched vulnerabilities (CVE-2025-54948 and CVE-2025-54987) in Trend Micro's Apex One, risking remote code…

Read More »